I'm writing some backend script for a twitter app and heres how it's going

On the app you click a button that sends you to login.php on my server which logs into my database connects to twitter with my consumer key and secret: $to = new TwitterOAuth($consumer_key, $consumer_secret);
$tok = $to->getRequestToken();
$request_link = $to->getAuthorizeURL($tok);
and then writes the token and secret to the database, sets a session equal to the id in the database of the token and secret and then redirects to the "$request_link"

You then go through the process of logging in and such on twitter and it redirects you to callback.php on my server

Callback.php consists of logging into the database again, getting the new token and secret, and then writing the new token and secret to the database and then prompts you to go back to the app

Then on the app, all I'm trying to do is access the basic credentials$to->get('account/verify_credentials') and it keeps coming back "could not authenticate you"